CVE-2020-25220

high

Description

The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. This is related to the cgroups feature.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1868453

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.194

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.140

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.233

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-4.14.y&id=82fd2138a5ffd7e0d4320cdb669e115ee976a26e

https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html

https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html

https://security.netapp.com/advisory/ntap-20201001-0004/

https://www.spinics.net/lists/stable/msg405099.html

Details

Source: MITRE

Published: 2020-09-10

Updated: 2021-01-20

Type: CWE-416

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH